From 6d1c2867ba344396951c92bad65ee7f919baa878 Mon Sep 17 00:00:00 2001
From: Sam Hartman <hartmans@mit.edu>
Date: Thu, 1 Nov 2001 21:21:28 +0000
Subject: [PATCH] 2001-11-01  Sam Hartman  <hartmans@mit.edu>

	* gss-server.c  gss-client.c:  ONly free buffers returned from
	GSSAPI using  gss_release_buffer

	* gss-client.c (client_establish_context): Trailing null should
	not be part of service name

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13926 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/appl/gss-sample/ChangeLog    |  8 ++++++++
 src/appl/gss-sample/gss-client.c |  6 +++---
 src/appl/gss-sample/gss-server.c | 20 ++++++++++++--------
 3 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/src/appl/gss-sample/ChangeLog b/src/appl/gss-sample/ChangeLog
index 7a65670f9..5a5cf81d3 100644
--- a/src/appl/gss-sample/ChangeLog
+++ b/src/appl/gss-sample/ChangeLog
@@ -1,3 +1,11 @@
+2001-11-01  Sam Hartman  <hartmans@mit.edu>
+
+	* gss-server.c  gss-client.c:  ONly free buffers returned from
+	GSSAPI using  gss_release_buffer
+
+	* gss-client.c (client_establish_context): Trailing null should
+	not be part of service name 
+
 2001-10-09  Ken Raeburn  <raeburn@mit.edu>
 
 	* gss-misc.c, gss-misc.h: Make prototypes unconditional.
diff --git a/src/appl/gss-sample/gss-client.c b/src/appl/gss-sample/gss-client.c
index 7fdc89fdc..64698aa0e 100644
--- a/src/appl/gss-sample/gss-client.c
+++ b/src/appl/gss-sample/gss-client.c
@@ -149,7 +149,7 @@ static int client_establish_context(s, service_name, deleg_flag, auth_flag,
 	* local variable space.
 	*/
        send_tok.value = service_name;
-       send_tok.length = strlen(service_name) + 1;
+       send_tok.length = strlen(service_name) ;
        maj_stat = gss_import_name(&min_stat, &send_tok,
 				  (gss_OID) gss_nt_service_name, &target_name);
        if (maj_stat != GSS_S_COMPLETE) {
@@ -199,7 +199,7 @@ static int client_establish_context(s, service_name, deleg_flag, auth_flag,
 				NULL);	/* ignore time_rec */
 
 	 if (token_ptr != GSS_C_NO_BUFFER)
-	   (void) gss_release_buffer(&min_stat, &recv_tok);
+	   free (recv_tok.value);
 
 	 if (send_tok.length != 0) {
 	   if (verbose)
@@ -511,7 +511,7 @@ static int call_server(host, port, oid, service_name, deleg_flag, auth_flag,
 	   printf("Response received.\n");
        }
 
-       (void) gss_release_buffer(&min_stat, &out_buf);
+       free (out_buf.value);
      }
 
      if (use_file)
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c
index 81c5f3593..28a8070db 100644
--- a/src/appl/gss-sample/gss-server.c
+++ b/src/appl/gss-sample/gss-server.c
@@ -146,7 +146,10 @@ static int server_establish_context(s, server_creds, context, client_name,
      if (recv_token(s, &token_flags, &recv_tok) < 0)
        return -1;
 
-     (void) gss_release_buffer(&min_stat, &recv_tok);
+     if (recv_tok.value) {
+       free (recv_tok.value);
+       recv_tok.value = NULL;
+     }
      if (! (token_flags & TOKEN_NOOP)) {
        if (log)
 	 fprintf(log, "Expected NOOP token, got %d token instead\n",
@@ -179,7 +182,7 @@ static int server_establish_context(s, server_creds, context, client_name,
 				  NULL, 	/* ignore time_rec */
 				  NULL); 	/* ignore del_cred_handle */
 
-	 (void) gss_release_buffer(&min_stat, &recv_tok);
+	 free(recv_tok.value);
 
 	 if (send_tok.length != 0) {
 	   if (verbose && log) {
@@ -429,7 +432,7 @@ static int sign_server(s, server_creds, export)
 	 if (log)
 	   fprintf(log,
 		   "Unauthenticated client requested authenticated services!\n");
-	 (void) gss_release_buffer(&min_stat, &xmit_buf);
+	 free (xmit_buf.value);
 	 return(-1);
        }
 
@@ -438,13 +441,13 @@ static int sign_server(s, server_creds, export)
 			       &conf_state, (gss_qop_t *) NULL);
 	 if (maj_stat != GSS_S_COMPLETE) {
 	   display_status("unsealing message", maj_stat, min_stat);
-	   (void) gss_release_buffer(&min_stat, &xmit_buf);
+	   free (xmit_buf.value);
 	   return(-1);
 	 } else if (! conf_state && (token_flags & TOKEN_ENCRYPTED)) {
 	   fprintf(stderr, "Warning!  Message not encrypted.\n");
 	 }
 
-	 (void) gss_release_buffer(&min_stat, &xmit_buf);
+	 free (xmit_buf.value);
        }
        else {
 	 msg_buf = xmit_buf;
@@ -471,8 +474,8 @@ static int sign_server(s, server_creds, export)
 	   display_status("signing message", maj_stat, min_stat);
 	   return(-1);
 	 }
-
-	 (void) gss_release_buffer(&min_stat, &msg_buf);
+if (token_flags & TOKEN_WRAPPED)
+  free (xmit_buf.value);
 
 	 /* Send the signature block to the client */
 	 if (send_token(s, TOKEN_MIC, &xmit_buf) < 0)
@@ -481,7 +484,8 @@ static int sign_server(s, server_creds, export)
 	 (void) gss_release_buffer(&min_stat, &xmit_buf);
        }
        else {
-	 (void) gss_release_buffer(&min_stat, &msg_buf);
+	 if (token_flags & TOKEN_WRAPPED)
+	   free (xmit_buf.value);
 	 if (send_token(s, TOKEN_NOOP, empty_token) < 0)
 	   return(-1);
        }
-- 
2.26.2